From 90292d090113dec9ad1d592b920301811b2ec3e0 Mon Sep 17 00:00:00 2001
From: Justin Gasper <jmgasper@gmail.com>
Date: Thu, 23 Oct 2025 06:55:34 +1100
Subject: [PATCH 1/5] V6 endpoint update

---
 src/lib/config/hosts.ts                      | 2 +-
 src/lib/functions/profile-nudges.ts          | 4 ++--
 src/lib/functions/support/support.service.ts | 4 ++--
 src/lib/functions/user-profile.provider.ts   | 4 ++--
 types/src/lib/config/hosts.d.ts              | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/lib/config/hosts.ts b/src/lib/config/hosts.ts
index 80c37a05..2d27c0a3 100644
--- a/src/lib/config/hosts.ts
+++ b/src/lib/config/hosts.ts
@@ -26,7 +26,7 @@ export const APP_AUTH_CONNECTOR: string = `https://accounts-auth0.${TC_DOMAIN}`;
 export const ONLINE_REVIEW_HOST: string = `https://software.${TC_DOMAIN}`;
 export const TCACADEMY_HOST: string = `https://academy.${TC_DOMAIN}`;
 export const SELF_SERVICE_HOST: string = `https://work.${TC_DOMAIN}`;
-export const TC_API_V5_HOST: string = `https://api.${TC_DOMAIN}/v5`;
+export const TC_API_HOST: string = `https://api.${TC_DOMAIN}/v6`;
 export const CONNECT_HOST: string = `https://connect.${TC_DOMAIN}`;
 export const WORK_MANAGER_HOST: string = `https://challenges.${TC_DOMAIN}`;
 export const PROFILE_HOST: string = `https://profiles.${TC_DOMAIN}`;
diff --git a/src/lib/functions/profile-nudges.ts b/src/lib/functions/profile-nudges.ts
index 513d245c..3cb52094 100644
--- a/src/lib/functions/profile-nudges.ts
+++ b/src/lib/functions/profile-nudges.ts
@@ -1,4 +1,4 @@
-import { TC_API_V5_HOST } from "lib/config";
+import { TC_API_HOST } from "lib/config";
 import type { AuthUser } from "lib/app-context";
 import { DISABLE_NUDGES, NUDGES_DISABLED_HOSTS } from "lib/config/profile-toasts.config";
 
@@ -51,7 +51,7 @@ export const fetchUserProfileCompletedness = async (user: AuthUser, force = fals
   // for QA purpose only
   const toastOverrideFlagParam = (window?.location.search.match(/[?&]+toast=(\w+)/i) ?? [])[1];
   const toastOverrideFlag = toastOverrideFlagParam ? `?toast=${toastOverrideFlagParam}` : '';
-  const requestUrl: string = `${TC_API_V5_HOST}/members/${userHandle}/profileCompleteness${toastOverrideFlag}`;
+  const requestUrl: string = `${TC_API_HOST}/members/${userHandle}/profileCompleteness${toastOverrideFlag}`;
   const request = fetch(requestUrl, {headers: {...getRequestAuthHeaders()}});
 
   const response = await (await request).json();
diff --git a/src/lib/functions/support/support.service.ts b/src/lib/functions/support/support.service.ts
index 680466a6..745f6967 100644
--- a/src/lib/functions/support/support.service.ts
+++ b/src/lib/functions/support/support.service.ts
@@ -1,8 +1,8 @@
-import { TC_API_V5_HOST } from 'lib/config';
+import { TC_API_HOST } from 'lib/config';
 import type { ContactSupportRequest } from './contact-support-request.model'
 
 export async function sendSupportRequest(request: ContactSupportRequest): Promise<any> {
-  const url: string = `${TC_API_V5_HOST}/challenges/support-requests`
+  const url: string = `${TC_API_HOST}/challenges/support-requests`
 
   return fetch(url, {
     method: 'POST',
diff --git a/src/lib/functions/user-profile.provider.ts b/src/lib/functions/user-profile.provider.ts
index 60eed871..d19d3f16 100644
--- a/src/lib/functions/user-profile.provider.ts
+++ b/src/lib/functions/user-profile.provider.ts
@@ -1,6 +1,6 @@
 import type { AuthUser } from '../../main';
 import { AUTH_USER_ROLE, AUTH_USER_ROLE_VALUES } from '../config/auth';
-import { TC_API_V5_HOST } from '../config';
+import { TC_API_HOST } from '../config';
 import { getAuthJwtDomainProp, getRequestAuthHeaders } from './auth-jwt';
 
 export type fetchUserProfileFn = () => AuthUser | null;
@@ -46,7 +46,7 @@ export const fetchUserProfile = async (): Promise<AuthUser> => {
   let resolve: (value: AuthUser) => void;
   localCache[userHandle] = new Promise((r) => {resolve = r});
 
-  const requestUrl: string = `${TC_API_V5_HOST}/members/${userHandle}`;
+  const requestUrl: string = `${TC_API_HOST}/members/${userHandle}`;
   const request = fetch(requestUrl, {headers: {...getRequestAuthHeaders()}});
 
   const response = await (await request).json();
diff --git a/types/src/lib/config/hosts.d.ts b/types/src/lib/config/hosts.d.ts
index 5f0af8e6..3e7051c8 100644
--- a/types/src/lib/config/hosts.d.ts
+++ b/types/src/lib/config/hosts.d.ts
@@ -9,7 +9,7 @@ export declare const APP_AUTH_CONNECTOR: string;
 export declare const ONLINE_REVIEW_HOST: string;
 export declare const TCACADEMY_HOST: string;
 export declare const SELF_SERVICE_HOST: string;
-export declare const TC_API_V5_HOST: string;
+export declare const TC_API_HOST: string;
 export declare const CONNECT_HOST: string;
 export declare const WORK_MANAGER_HOST: string;
 export declare const PROFILE_HOST: string;

From eb9dd9b01ade00fc9890bddf40a3766a9715b574 Mon Sep 17 00:00:00 2001
From: Kiril Kartunov <kkartunov@users.noreply.github.com>
Date: Tue, 28 Oct 2025 15:36:23 +0200
Subject: [PATCH 2/5] Add Trivy scanner workflow for vulnerability scanning

---
 .github/workflows/trivy.yaml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 .github/workflows/trivy.yaml

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
new file mode 100644
index 00000000..7b9fa483
--- /dev/null
+++ b/.github/workflows/trivy.yaml
@@ -0,0 +1,34 @@
+name: Trivy Scanner
+
+permissions:
+  contents: read
+  security-events: write
+on:
+  push:
+    branches:
+      - main
+      - dev
+  pull_request:
+jobs:
+  trivy-scan:
+    name: Use Trivy
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run Trivy scanner in repo mode
+        uses: aquasecurity/trivy-action@0.33.1
+        with:
+          scan-type: "fs"
+          ignore-unfixed: true
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,UNKNOWN"
+          scanners: vuln,secret,misconfig,license
+          github-pat: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"

From b1bcabfdc4ca4cff3626e7ae660c47b5f84053e6 Mon Sep 17 00:00:00 2001
From: Vasilica Olariu <olariu.vasilica@gmail.com>
Date: Wed, 29 Oct 2025 17:31:26 +0200
Subject: [PATCH 3/5] update review app host

---
 src/lib/config/hosts.ts                         | 2 +-
 src/lib/config/nav-menu/all-nav-items.config.ts | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/lib/config/hosts.ts b/src/lib/config/hosts.ts
index 2d27c0a3..9e1d02e1 100644
--- a/src/lib/config/hosts.ts
+++ b/src/lib/config/hosts.ts
@@ -23,7 +23,7 @@ export const THRIVE_HOST: string = {
 }[HOST_ENV] || `https://www.${TC_DOMAIN}`;
 
 export const APP_AUTH_CONNECTOR: string = `https://accounts-auth0.${TC_DOMAIN}`;
-export const ONLINE_REVIEW_HOST: string = `https://software.${TC_DOMAIN}`;
+export const REVIEW_APP_HOST: string = `https://review.${TC_DOMAIN}`;
 export const TCACADEMY_HOST: string = `https://academy.${TC_DOMAIN}`;
 export const SELF_SERVICE_HOST: string = `https://work.${TC_DOMAIN}`;
 export const TC_API_HOST: string = `https://api.${TC_DOMAIN}/v6`;
diff --git a/src/lib/config/nav-menu/all-nav-items.config.ts b/src/lib/config/nav-menu/all-nav-items.config.ts
index 0c47f625..823d3fc4 100644
--- a/src/lib/config/nav-menu/all-nav-items.config.ts
+++ b/src/lib/config/nav-menu/all-nav-items.config.ts
@@ -6,7 +6,7 @@ import {
     COMMUNITY_HOST,
     CONNECT_HOST,
     COPILOT_PORTAL_HOST,
-    ONLINE_REVIEW_HOST,
+    REVIEW_APP_HOST,
     TALENT_SEARCH_HOST,
     TCACADEMY_HOST,
     PLATFORM_APP_HOST,
@@ -142,7 +142,7 @@ export const allNavItems: {[key: string]: NavMenuItem} = {
     },
     review: {
         label: 'Review',
-        url: ONLINE_REVIEW_HOST,
+        url: REVIEW_APP_HOST,
         icon: 'review',
         description: 'Review submissions',
     },

From 42b5c51fc54ec39c28a6472429c5704802b1734e Mon Sep 17 00:00:00 2001
From: Vasilica Olariu <olariu.vasilica@gmail.com>
Date: Wed, 29 Oct 2025 17:31:43 +0200
Subject: [PATCH 4/5] deploy

---
 .circleci/config.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 6cd09e84..561def1a 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -221,6 +221,7 @@ workflows:
                 - dev
                 - TOP-2044_show-signin-modal
                 - maintenance
+                - review-app
 
       - deployProd:
           context: org-global

From 4d5d409bfd382b8fe819b3da1a181eec0baf6cad Mon Sep 17 00:00:00 2001
From: Vasilica Olariu <olariu.vasilica@gmail.com>
Date: Wed, 29 Oct 2025 17:34:22 +0200
Subject: [PATCH 5/5] fix types

---
 types/src/lib/config/hosts.d.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/types/src/lib/config/hosts.d.ts b/types/src/lib/config/hosts.d.ts
index 3e7051c8..a5298426 100644
--- a/types/src/lib/config/hosts.d.ts
+++ b/types/src/lib/config/hosts.d.ts
@@ -6,7 +6,7 @@ export declare const CHALLENGE_HOST: string;
 export declare const COMMUNITY_HOST: string;
 export declare const THRIVE_HOST: string;
 export declare const APP_AUTH_CONNECTOR: string;
-export declare const ONLINE_REVIEW_HOST: string;
+export declare const REVIEW_APP_HOST: string;
 export declare const TCACADEMY_HOST: string;
 export declare const SELF_SERVICE_HOST: string;
 export declare const TC_API_HOST: string;